Количество 2
Количество 2
CVE-2022-22110
In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality. A user with privileges to update his password could change it to a weak password, such as those with a length of a single character. This may allow an attacker to brute-force users’ passwords with minimal to no computational effort.
GHSA-96v6-hrwg-p378
Weak Password Requirements in Daybyday CRM
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-22110 In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality. A user with privileges to update his password could change it to a weak password, such as those with a length of a single character. This may allow an attacker to brute-force users’ passwords with minimal to no computational effort. | CVSS3: 7.5 | 0% Низкий | около 4 лет назад |
| GHSA-96v6-hrwg-p378 Weak Password Requirements in Daybyday CRM | CVSS3: 7.5 | 0% Низкий | около 4 лет назад |
Уязвимостей на страницу